Hi. I'm currently learning and working with Jenkins CI/CD pipeline in AWS and have a question.
For security, Jenkins should not be open to public. So the ways of implementing secure Jenkins are
Deploy Jenkins in private subnet ec2 instance and do something to access Jenkins UI (Stuck here because PrivateLink and Bastion allows only CLI connection)
Deploy Jenkins in public subnet and set Security Group inbound rule to accept only from specific ip.
Or something else?
*) And also, should I give Jenkins instance SSL to make it https, or http with restricted security group is okay?
What is the best practice that is used in the workfield? Any help would be appreciated.
Also, if you know a place that has information about this kind of DevOps Best practice, I would appreciate it if you could let me know.
Top comments (0)